Learning About the Adversary

Title: Learning About the Adversary
Author: Nadeem, A. (TU Delft Cyber Security); Verwer, S.E. (TU Delft Cyber Security); Yang, Shanchieh Jay (Rochester Institute of Technology)
Contributor: Kott, Alexander (editor)
Date: 2023

Abstract: The evolving nature of the tactics, techniques, and procedures used by cyber adversaries has made signature- and template-based methods of modeling adversary behavior almost infeasible. We are moving into an era of data-driven autonomous cyber defense agents that learn contextually meaningful adversary behaviors from observables. In this chapter, we explore what can be learnt about cyber adversaries from observable data, such as intrusion alerts, network traffic, and threat intelligence feeds. We describe the challenges of building autonomous cyber defense agents, such as learning from noisy observables with no ground truth, and the brittle nature of deep-learning-based agents that can be easily evaded by adversaries. We illustrate three state-of-the-art autonomous cyber defense agents that model adversary behavior from traffic-induced observables without a priori expert knowledge or ground truth labels. We close with recommendations and directions for future work.

Subject: Adversary behavior; machine learning; behavior modeling; intrusion alerts; statistical models
To reference this document use: http://resolver.tudelft.nl/uuid:d7c718ef-8ba6-4a35-93b2-40843fdef64f
DOI: https://doi.org//10.1007/978-3-031-29269-9_6
Publisher: Springer
Embargo date: 2023-12-04
ISBN: 978-3-031-29268-2
Source: Autonomous Intelligent Cyber Defense Agent (AICA): A Comprehensive Guide, 87 (1)
Series: Advances in Information Security, 1568-2633
Bibliographical note: Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Part of collection: Institutional Repository
Document type: book chapter
Rights: © 2023 A. Nadeem, S.E. Verwer, Shanchieh Jay Yang
Files: PDF 978_3_031_29269_9_6.pdf (1.37 MB)